Project ReportProject Report

onon

Project by - Nutan Kumar Panda

Technology Evangelist ISEH

R&D - ATL Guwahati

An Introduction

Penetration tests are a great way to identify vulnerabilities that exists in a system or network that has an existing security measures in place. A penetration test usually involves the use of attacking methods conducted by trusted individuals that are similarly used by hostile intruders or hackers. Depending on the type of test that is conducted, this may involve a simple scan of an IP addresses to identify machines that are offering services with known vulnerabilities or even exploiting known vulnerabilities that exists in an unpatched operating system. The results of these tests or attacks are then documented and presented as report to the owner of the system and the vulnerabilities identified can then be resolved. Bear in mind that a penetration test does not last forever. Depending on the organization conducting the tests, the time frame to conduct each test varies. A penetration test is basically an attempt to breach the security of a network or system and is not a full security audit. This means that it is no more than a view of a system’s security at a single moment in time. At this time, the known vulnerabilities, weaknesses or misconfigured systems have not changed within the time frame the penetration test is conducted.

Penetration testing is often done for two reasons. This is either to increase upper management awareness of security issues or to test intrusion detection and response capabilities. It also helps in assisting the higher management in decision-making processes. The management of an organization might not want to address all the vulnerabilities that are found in a vulnerability assessment but might want to address its system weaknesses that are found through a penetration test. This can happen as addressing all the weaknesses that are found in a vulnerability assessment can be costly and most organizations might not be able allocate the budget to do this.

Penetration tests can have serious consequences for the network on which they are run. If it is being badly conducted it can cause congestion and systems crashing. In the worst case scenario, it can result in the exactly the thing it is intended to prevent. This is the compromise of the systems by unauthorized intruders. It is therefore vital to have consent from the management of an organization before conducting a penetration test on its systems or network.

TITLE OF THE PROJECT

Penetration Testing Using Backtrack:

BackTrack is the world’s leading penetration testing and information securityauditing distribution. With hundreds of tools preinstalled and configured to run outof the box, BackTrack 4 provides a solid Penetration testing platform ‐ from Webapplication Hacking to RFID auditing – its all working in once place.

What is Penetration Testing?

Much of the confusion surrounding penetration testing stems from the fact it is a relatively recent

and rapidly evolving field. Additionally, many organizations will have their own internal

terminology (one man's penetration test is another's vulnerability audit or technical risk

assessment).

At its simplest, a penetration-test (actually, we prefer the term security assessment) is the process

of actively evaluating your information security measures. Note the emphasis on 'active'

assessment; the information systems will be tested to find any security issues, as opposed to a

solely theoretical or paper-based audit.

The results of the assessment will then be documented in a report, which should be presented at a

debriefing session, where questions can be answered and corrective strategies can be freely

discussed.

Objective and Scope

Why Conduct A Penetration Testing?

From a business perspective, penetration testing helps safeguard your organization against

failure, through:

Preventing financial loss through fraud (hackers, extortionists and disgruntled employees) or

through lost revenue due to unreliable business systems and processes.

Proving due diligence and compliance to your industry regulators, customers and shareholders.

Non-compliance can result in your organization losing business, receiving heavy fines,

gathering bad PR or ultimately failing. At a personal level it can also mean the loss of your

job, prosecution and sometimes even imprisonment.

Protecting your brand by avoiding loss of consumer confidence and business reputation.

From an operational perspective, penetration testing helps shape information security strategy

through:

Identifying vulnerabilities and quantifying their impact and likelihood so that they can be

managed proactively; budget can be allocated and corrective measures implemented.

What can be tested?

All parts of the way that your organization captures, stores and processes information can be

assessed; the systems that the information is stored in, the transmission channels that transport it,

and the processes and personnel that manage it. Examples of areas that are commonly tested are:

Off-the-shelf products (operating systems, applications, databases, networking equipment etc.)

Bespoke development (dynamic web sites, in-house applications etc.)

Telephony (war-dialing, remote access etc.)

Wireless (WIFI, Bluetooth, IR, GSM, RFID etc.)

Personnel (screening process, social engineering etc.)

Physical (access controls, dumpster diving etc.)

What should be tested?

Ideally, your organization should have already conducted a risk assessment, so will be aware of

the main threats (such as communications failure, e-commerce failure, loss of confidential

information etc.), and can now use a security assessment to identify any vulnerabilities that are

related to these threats. If you haven't conducted a risk assessment, then it is common to start

with the areas of greatest exposure, such as the public facing systems; web sites, email gateways,

remote access platforms etc.

Sometimes the 'what' of the process may be dictated by the standards that your organization is

required to comply with? For example, a credit-card handling standard (like PCI) may require

that all the components that store or process card-holder data are assessed.

Feasibility Study

In this section the assessment is done over the service that can be implemented

or not. It refers to feasibility study of the Backtrack in terms of outcome, operation ability, technical support. The studies done according to some criteria like:

Economic Feasibility, Operational Feasibility & Technical feasibility.

Eonomic Feasibility:

It’s the study of output of Penetration testing done by backtrack. This product is economicaly feasible as this is freeware. This also provide the following benefits to the org.

Reduce processing time Reduce work load Administration is effective One System monitoring and working

Operational Feasibility:

This study refers to if the product is operational or not & this is operational for any kind of organization small network (single pc) or a large network.

Technical feasibility:

This system has its prominent parts for which online support is there in their respective websites. So nothing to bother about the technical feasibility.